Special setuid wrapper for Mango
- From: Olav Vitters <olav bkor dhs org>
- To: gnome-infrastructure gnome org
- Subject: Special setuid wrapper for Mango
- Date: Thu, 30 Jul 2009 14:42:41 +0200
Could someone write a setuid wrapper for me?
I'd like people to be able to reset their Mango LDAP password. For this
I'd like to have it work by allowing people to do:
ssh -l $USERID mango.gnome.org mango
The fake mango command would call the setuid mango (not setuid root!)
script named:
/usr/local/bin/mango-reset (or something)
which calls:
/usr/local/bin/mango-reset.py $ORIGINAL_ID (or something, ENV variable
is also ok, at long as everything stays secure)
So I need a secure /usr/local/bin/mango-reset.c which checks which user
called it (so e.g. if someone logs in, I'd like to have my Python script
*securely* know which password / uid to reset.
Note: I prefer a number for the userid, e.g. 7810 or something. Think
that is more secure.
Could someone write above for me, securely?
Note: We already have something for signal-ftp-sync. Can't reuse it as I
want to know who called the setuid wrapper.
--
Regards,
Olav
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
